From bd9fa30cf3d410feeedb37cefa4d745c359bfbfa Mon Sep 17 00:00:00 2001
From: Andreas Dangel <andreas.dangel@pmd-code.org>
Date: Thu, 22 Feb 2024 14:05:49 +0100
Subject: [PATCH] [dist] Bump commons-compress from 1.21 to 1.26.0

Fixes https://github.com/pmd/pmd/security/dependabot/51
Fixes CVE-2024-26308
Fixes https://github.com/advisories/GHSA-4265-ccf5-phj5
---
 pmd-dist/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pmd-dist/pom.xml b/pmd-dist/pom.xml
index f43dc7d212..fdd6d93f97 100644
--- a/pmd-dist/pom.xml
+++ b/pmd-dist/pom.xml
@@ -180,7 +180,7 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-compress</artifactId>
-            <version>1.21</version>
+            <version>1.26.0</version>
             <scope>test</scope>
         </dependency>
     </dependencies>